/[sysplogd]/sysplogd

This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!

Diff of /sysplogd

Parent Directory | Revision Log | View Patch Patch

-revision 2 by dpavlin,
Fri Apr 10 19:12:17 2009 UTC
+revision 9 by dpavlin,
Sat Apr 11 10:03:04 2009 UTC
 Line 5 
 use strict;
  use IO::Socket;
  use Data::Dump qw/dump/;
- #use StoreToMongoDB;
+ use DBI;
+ use Getopt::Long;
  my $port = 514;
  my $MAXLEN = 1524;
- my @facilities = ( qw/
+ my $dsn    = 'DBI:Pg:dbname=syslog;host=llin.lan';
- kernel user mail system security internal printer news uucp clock security2
+ my $user   = 'dpavlin';
- FTP NTP audit alert clock2 local0 local1 local2 local3 local4 local5 local6 local7
+ my $debug  = 0;
- / );
+ my $schema = 0;
+ my $log    = '/tmp/sysplog.log';
+ GetOptions(
+         'debug+'  => \$debug,
+         'schema!' => \$schema,
+         'log=s'   => \$log,
+ ) || die "usage: $0 --debug --schema\n";
+ our $VERSION = '0.00';
+ my $sql_schema = q{
+ CREATE TABLE facilities (
+         id              serial,
+         name            text,
+         PRIMARY KEY(name)
+ );
+ CREATE TABLE log (
+         id              serial,
+         timestamp       timestamp default now(),
+         ip              inet not null,
+         hostname        text not null,
+         message         text,
+         level           int,
+         facility        int,
+         program         text,
+         pid             int,
+         PRIMARY KEY (id)
+ );
+ };
+ my $dbh = DBI->connect( $dsn, $user, '', { RaiseError => 1 } ) || die $DBI::errstr;
+ if ( $schema ) {
+         $dbh->begin_work;
+         $dbh->do( $_ ) foreach split(/;/, $sql_schema);
+         my $sth = $dbh->prepare( q{
+                 insert into facilities (name) values (?)
+         });
+         $sth->execute( $_ ) foreach ( qw/
+                 kernel user mail system security internal
+                 printer news uucp clock
+                 security2
+                 ftp ntp
+                 audit alert
+                 clock2
+                 local0 local1 local2 local3 local4 local5 local6 local7
+         / );
+         warn "# created sql schema\n";
+         $dbh->commit;
+ }
+ my $sth_log_full = $dbh->prepare(qq{
+         insert into log
+         (ip,hostname,message,level,facility,program,pid)
+         values (?,?,?,?,?,?,?)
+ });
+ my $sth_log_unparsed = $dbh->prepare(qq{
+         insert into log (ip,hostname,messsage) values (?,?,?)
+ });
- # Start Listening on UDP port 514
  my $sock = IO::Socket::INET->new(
          LocalPort => $port,
          Proto => 'udp'
  #       ReuseAddr => 1,
  ) || die "can't listen to $port: $!";
- print "INFO: listen on $port",$/;
+ open(my $log_fh, '>>', $log) || die "can't open log $log: $!";
+ $log_fh->autoflush(1);
+ sub _log {
+         warn 'LOG ',dump( @_ ), $/ if $debug;
+         print $log_fh time() . '|' . join('|', @_), $/;
+ }
+ _log "INFO: listen on $port";
  my $rin = '';
  my $buf;
-Line 32 
 while(1) {
+Line 111 
 while(1) {
          my ($port, $ipaddr) = sockaddr_in($sock->peername);
          my $hostname = gethostbyaddr($ipaddr, AF_INET);
          my $ip = join('.', unpack('C4',$ipaddr));
-         warn "# ",dump( $port, $ipaddr, $hostname, $buf );
+         my @values = ( $ip, $hostname, $buf );
-         if ( $buf=~/<(\d+)>(.*?):(.*)/ ) {
+         if ( $buf =~ /<(\d+)>\s*(\S*)\s*:\s*(.*)/ ) {
-                 my $sev=$1 % 8;
+                 $values[2] = $3;
-                 my $fac=($1-$sev) / 8;
+                 my $level    = $1 % 8;
+                 my $facility = ( $1-$level ) / 8;
-                 my $log = {
+                 my $program  = $2;
-                         ip => $ip,
+                 my $pid      = $1 if $program =~ s/\[(\d+)\]$//;
-                         port => $port,
+                 push @values, ( $level, $facility, $program, $pid );
-                         hostname => $hostname,
+                 $sth_log_full->execute( @values );
+         } else {
-                         priority => $1,
+                 $sth_log_unparsed->execute( @values );
-                         severity => $sev,
-                         facility => $fac,
-                         header => $2,
-                         message => $3,
-                 };
-                 print dump( $log ),$/;
-                 #StoreToMongoDB->insert( $log );
          }
+         _log( @values );
  }

 Legend:



Removed from v.2
 


changed lines


 
Added in v.9
 Legend:



Removed from v.2
 


changed lines


 
Added in v.9
-Removed from v.2
+Added in v.9

	ViewVC Help
Powered by ViewVC 1.1.26